Trust Assessment
backend-patterns received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Exposure of Raw SQL Error Messages.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Exposure of Raw SQL Error Messages The `create_market_with_position` SQL function, demonstrated in the 'Transaction Pattern' section, directly returns the `SQLERRM` (SQL Error Message) when an exception occurs. Exposing raw database error messages to clients can leak sensitive information about the database schema, internal query structure, or other confidential details, which can be leveraged by attackers for reconnaissance or further exploitation. Modify the SQL function to return a generic, non-descriptive error message to the client instead of `SQLERRM`. Log the detailed `SQLERRM` internally for debugging purposes, but ensure it is not exposed externally. For example, return `jsonb_build_object('success', false, 'error', 'Database transaction failed')`. | LLM | SKILL.md:185 |
Scan History
Embed Code
[](https://skillshield.io/report/29568cc9911b123a)
Powered by SkillShield